GUACAMOLE-462: Create recordings/typescripts with group read permission.

Previously, all recordings/typescripts were strictly readable by the service user that created them (guacd). This prevents reading by other services like the Guacamole web application. Instead, recordings/typescripts should at least be group-readable.
2022-02-17 09:25:26 -08:00 · 2022-02-17 09:25:26 -08:00 · 4d41b38a24
commit 4d41b38a24
parent 29535e6cb8
2 changed files with 9 additions and 7 deletions
--- a/src/common/recording.c
+++ b/src/common/recording.c
@ -84,7 +84,7 @@ static int guac_common_recording_open(const char* path,
    /* Attempt to open recording */
    int fd = open(basename,
            O_CREAT | O_EXCL | O_WRONLY,
-            S_IRUSR | S_IWUSR);
+            S_IRUSR | S_IWUSR | S_IRGRP);

    /* Continuously retry with alternate names on failure */
    if (fd == -1) {
@ -103,7 +103,7 @@ static int guac_common_recording_open(const char* path,
            /* Retry with newly-suffixed filename */
            fd = open(basename,
                    O_CREAT | O_EXCL | O_WRONLY,
-                    S_IRUSR | S_IWUSR);
+                    S_IRUSR | S_IWUSR | S_IRGRP);

        }

@ -144,7 +144,8 @@ guac_common_recording* guac_common_recording_create(guac_client* client,

    /* Create path if it does not exist, fail if impossible */
 #ifndef __MINGW32__
-    if (create_path && mkdir(path, S_IRWXU) && errno != EEXIST) {
+    if (create_path && mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP)
+            && errno != EEXIST) {
 #else
    if (create_path && _mkdir(path) && errno != EEXIST) {
 #endif
--- a/src/terminal/typescript.c
+++ b/src/terminal/typescript.c
@ -79,7 +79,7 @@ static int guac_terminal_typescript_open_data_file(const char* path,
    /* Attempt to open typescript data file */
    int data_fd = open(basename,
            O_CREAT | O_EXCL | O_WRONLY,
-            S_IRUSR | S_IWUSR);
+            S_IRUSR | S_IWUSR | S_IRGRP);

    /* Continuously retry with alternate names on failure */
    if (data_fd == -1) {
@ -98,7 +98,7 @@ static int guac_terminal_typescript_open_data_file(const char* path,
            /* Retry with newly-suffixed filename */
            data_fd = open(basename,
                    O_CREAT | O_EXCL | O_WRONLY,
-                    S_IRUSR | S_IWUSR);
+                    S_IRUSR | S_IWUSR | S_IRGRP);

        }

@ -112,7 +112,8 @@ guac_terminal_typescript* guac_terminal_typescript_alloc(const char* path,
        const char* name, int create_path) {

    /* Create path if it does not exist, fail if impossible */
-    if (create_path && mkdir(path, S_IRWXU) && errno != EEXIST)
+    if (create_path && mkdir(path, S_IRWXU | S_IRGRP | S_IXGRP)
+            && errno != EEXIST)
        return NULL;

    /* Allocate space for new typescript */
@ -141,7 +142,7 @@ guac_terminal_typescript* guac_terminal_typescript_alloc(const char* path,
    /* Attempt to open typescript timing file */
    typescript->timing_fd = open(typescript->timing_filename,
            O_CREAT | O_EXCL | O_WRONLY,
-            S_IRUSR | S_IWUSR);
+            S_IRUSR | S_IWUSR | S_IRGRP);
    if (typescript->timing_fd == -1) {
        close(typescript->data_fd);
        free(typescript);